Data leakage and loss reign as the top bring your own device (BYOD) security concerns, according to a survey of more than 800 global cyber security professionals.
The survey, conducted by Crowd Research Partners in conjunction with data security vendors Bitglass, Blancco Technology Group, Check Point Technologies, Skycure, SnoopWall and Tenable Network Security, found that 56 percent of companies are worried about unauthorized access to company data and systems.
Security (39 percent) and employee privacy (12 percent) are the biggest inhibitors of BYOD adoption. In contrast, management opposition (3 percent) and user experience concerns (4 percent) rank far lower.
“With the explosion of data across multiple devices and remote access to systems, organizations are just now realizing how exposed their data is to security breaches,” Pat Clawson, CEO of Blancco Technology Group, told eWEEK. “It’s now critical and urgent for organizations to understand data lifecycle management and the processes and systems required at each stage – from creation of data to when it reaches end-of-life–before it becomes unmanageable.”
Clawson explained this mistake isn’t specific to just one type of business–it happens to all kinds of businesses, regardless of their size, category or customer base.
Survey results indicated security threats to BYOD impose heavy burdens on organizations’ IT resources (35 percent) and help desk workloads (27 percent).
“With the infamous Ashley Madison breach, users who wanted to make sure all of their data was erased from the dating site put all of their trust into the site’s $20 full delete program,” he said. “Even though the obvious pointers to the data had been removed, the actual data hadn’t been permanently removed, which left significant amounts and types of information exposed. What ensued was negative publicity and backlash from the media, customers and the industry at large.”
Clawson said the big lesson for businesses in 2016 will be to test and verify that deletion methods are adequate (data cannot be recovered) and to not blindly trust that simply deleting data will truly get rid of it for good.
“Companies should provide clear information on key situations where mobile data erasure is absolutely necessary–at equipment end of life, when equipment is serviced, when loaner devices are returned and when equipment is re-purposed,” he said.
Despite increasing mobile security threats, data breaches and new regulations, only 30 percent of organizations are increasing security budgets for BYOD in the next 12 months. Meanwhile, 37 percent have no plans to change their security budgets.